Category Archives: Compliance

  • 0

To Fraudsters, Your LinkedIn Profile IS a Consumer Report

An inter­est­ing post in Cor­po­rate describes a dis­missed law­suit plain­tiffs brought against LinkedIn.  Plain­tiffs claimed LinkedIn’s search func­tion allowed poten­tial employ­ers to see past jobs and ref­er­ences, and in plain­tiffs’ case, dis­cover infor­ma­tion that reflected neg­a­tively on them.  The suit was thrown out, as the judge ruled that LinkedIn serves only as an infor­ma­tion gath­er­ing ser­vice, and not akin to a con­sumer report under the Fair Credit Report­ing Act, as claimed by the plaintiffs.

I’ll leave it to the attor­neys to com­ment on this rul­ing, one way or the other.  What inter­ests me is that while the courts (at least so far), don’t deem LinkedIn to be a “con­sumer report”, iden­tity thieves cer­tainly do, and will con­tinue to do so, as long as LinkedIn mem­bers con­tinue to post cer­tain per­sonal infor­ma­tion.  Birth­days, for exam­ple pro­vide fraud­sters with one more piece of per­sonally identifiable (PII) infor­ma­tion that, in com­bi­na­tion with oth­ers, can be used to steal one’s iden­tity.  Post­ing a birth­date — even if only the month and the day — might seem innocu­ous enough.  After all, it does pro­vide your net­work to engage you in another way.  But if your pro­file lists your dates of employ­ment (if not when you grad­u­ated), iden­tity thieves will do the math and find the year you were born.

Fraud­sters have sev­eral options once they have all of the infor­ma­tion they need:  They could sell your infor­ma­tion to other iden­tity thieves; open credit cards in your name or access your bank accounts; or socially engi­neer their way into your com­pany or orga­ni­za­tion for a mother lode of sen­si­tive cor­po­rate and con­sumer infor­ma­tion (e.g. IP, trade secrets, cus­tomer account infor­ma­tion, etc.).

So far, we’re only talk­ing about per­sonal infor­ma­tion on LinkedIn, one of the most pro­fes­sional social net­work­ing sites out there.  What infor­ma­tion are you divulging on Face­book?  Insta­gram?  Twit­ter?  Snapchat?  We all have infor­ma­tion out there on the web.  My hope is that this will pro­vide an impe­tus to review your LinkedIn pro­file and your other social net­work accounts to help reduce your risk of iden­tity theft.

  • 0

A Successful Response to FCPA Violations

This is an excel­lent exam­ple of how the com­bi­na­tion of an anony­mous tip line and proac­tive man­age­ment min­i­mized the finan­cial impact of FCPA vio­la­tions. How­ever, one has to won­der whether these FCPA violations could have been uncov­ered dur­ing due dili­gence pro­ce­dures, even if these subs were merely part of a larger tar­get that was acquired. Iden­ti­fy­ing and test­ing accounts with inher­ent FCPA risk (freight and other high-volume accounts and pro­mo­tional prod­uct and other sales and mar­ket­ing accounts) might have caught this sooner.

LinkedIn Auto Publish Powered By :